Another Crypto Heist: $150M+ Stolen from Trading Platform BitMart (cnbc.com) 59
"We have identified a large-scale security breach..." the official announcement begins.
CNBC reports: Hackers have taken $196 million from crypto trading platform BitMart, a security firm said Saturday.
BitMart confirmed the hack in an official statement Saturday night, calling it "a large-scale security breach" and writing that hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield estimates that the loss is closer to $200 million. BitMart added in a statement that all withdrawals had been temporarily suspended until further notice and said a thorough security review was underway.
Peckshield was the first to notice the breach on Saturday, noting that one of BitMart's addresses showed a steady outflow of tens of millions of dollars to an address which [Ethereum analytics platform] Etherscan referred to as the "BitMart Hacker."
Peckshield estimated that BitMart lost around $100 million in various cryptocurrencies on the ethereum blockchain and another $96 million from coins on the binance smart chain. The hackers made off with a mix of more than 20 tokens, including binance coin, safemoon, and shiba inu.
This comes on the heels of a $120 million cryptocurrency heist from BadgerDAO.
CNBC reports: Hackers have taken $196 million from crypto trading platform BitMart, a security firm said Saturday.
BitMart confirmed the hack in an official statement Saturday night, calling it "a large-scale security breach" and writing that hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield estimates that the loss is closer to $200 million. BitMart added in a statement that all withdrawals had been temporarily suspended until further notice and said a thorough security review was underway.
Peckshield was the first to notice the breach on Saturday, noting that one of BitMart's addresses showed a steady outflow of tens of millions of dollars to an address which [Ethereum analytics platform] Etherscan referred to as the "BitMart Hacker."
Peckshield estimated that BitMart lost around $100 million in various cryptocurrencies on the ethereum blockchain and another $96 million from coins on the binance smart chain. The hackers made off with a mix of more than 20 tokens, including binance coin, safemoon, and shiba inu.
This comes on the heels of a $120 million cryptocurrency heist from BadgerDAO.
Insurance will cover that (Score:3)
Re: (Score:1)
Re: (Score:2, Insightful)
Dream on.
No self respecting insurance operation is going to touch crypto with a 10-foot pole. How can you even put a dollar value to something that can swing +/-20% on any given week?
Re: (Score:2)
Re: (Score:2)
Dream on.
No self respecting insurance operation is going to touch crypto with a 10-foot pole. How can you even put a dollar value to something that can swing +/-20% on any given week?
Insurance like SIPC (the FDIC version for brokerages) and similar don't care about the fluctuating value. That is not what they are insuring. They are insuring against theft or loss. The price can go to zero and they still don't have to pay out. Think of it like insurance for gold, paintings, or expensive cars. What matters is if it is stolen not if the item appreciates or depreciates. Now, just like a vault with a bunch of gold, an insurance company is likely going to want to audit the security and m
Re: Insurance will cover that (Score:2)
Whatever you want to insure. You can choose $1 or $1000000000, to the insurers it makes no difference as long as they don't have to replace anything. If you're insuring 5 specific bitcoin then sure, valuation is an issue. But nobody will do that.
Re: (Score:2)
Re: (Score:2)
They will but the will only pay out on the value of the car, the reason is quite simple fraud if I can insure my $1,000 car for $1,000,000 get a friend to steal it they are up for the bill of $1,000,000 there is a big incentive for you to cheat.
For something like bitcoin, since it fluctuates wildly you would probably have to pick maximum valuation, they would pay you up to the maximum no more.
Re: (Score:3)
You don't get it. What's the dollar amount to be insured on X BTC?
The dollar amount doesn't matter.
It's like if I ship a letter and insure it for $1000 dollars. The insurance is for if they lose the package.
If the package gets lost, they aren't going to replace the letter, they are just going to pay the amount that it was insured for.
You can insure a signed baseball or a paperclip for $1M.
Unless you have a replacement cost policy, the insurance company doesn't care about the value of the item they are insuring.
The insurance company pays out X dollars on loss or theft.
The
Re: (Score:2)
Re: (Score:3)
Even without Irreversible Thefts, there is also the potential for Irreversible Loss through irresponsibility, unlikely events, and acts of sabotage.
Nobody has any idea how many coins have already been lost forever (at least lost until until quantum blah blah...)
How many people know where all the copies of the keys are? How many know where at least one copy is? What if they all take the same flight, or work in the same building? Insurance company OK with any
Re: (Score:2)
Re: (Score:2)
You'd be insane to insure your crypto exchange. You'd have to pay through the nose, which means your customers would have to pay through their collective noses, which means you wouldn't have any customers.
FAR better to just go commando and fold if something bad happens. Or steal it yourself.
Re: (Score:2)
You'd be insane to insure your crypto exchange. You'd have to pay through the nose, which means your customers would have to pay through their collective noses, which means you wouldn't have any customers.
FAR better to just go commando and fold if something bad happens. Or steal it yourself.
of course, however the question was will insurance companies cover it, not whether it was economically viable. Even so an insurance company to cover them would have all sorts of caveats and requirements for security audits before they would do so (which they probably would not pass), and then if they did pass the price would be unaffordable.
Re: (Score:2)
Insurance can cover nearly anything with high enough premiums paid. But cryptocurrency theft is so frequent, the assets so unregulated, and the transfers so difficult to validate as theft rather than money laundering that it would seem a very risky investment for insurance companies to insure.
Re: (Score:2)
Re: (Score:2)
Insurance companies will cover lottery payouts and other high risk gambles will they cover Bitcoin exchanges?
No chance. Oh, sure, an exchange may (possibly) get a quote, but given the general 3rd-ratedness of the tech used (including the "coins"), it will be far too high to pay and an insurance will not accept payment in crapcoins. Also, it will exclude all problems caused by incompetence and broken security, so if will not help.
Most insurances will just politely decline though.
Cheese and Rice (Score:2, Troll)
Krypto, from the start (Imagine the nightmare of teaching a dog with superpowers to leave the bacon alone), was the 2nd best option to governmental fiat currency.... sort of like reflecting on your life choices and deciding to go with a meth habit, instead of a crack addiction.
Stuff your crypto-cash in your e-mattress (Score:1)
Pick your favorite online game, buy a private island, build a e-mansion, buy an e-bed and put it in the e-bedroom, then stuff your e-coins in your e-mattress. They'll be safer that way.
Of course, this only works if you lock your e-bedroom's e-door.
The only part about this that isn't satire is the "be safer that way" part. If you REALLY want your crypto-cash to be un-hackable, store it offline in a very secure real-world place. Of course, you still have the problem of physical destruction, but hey, life i
Re: (Score:2)
Portable, high-value, anonymous == perfect to rob (Score:4, Insightful)
Re: (Score:1)
Cryptocurrencies were designed to "look like cash". So that carries consequences quite different from value transfer systems made to look as un-like cash as possible. But apparently we're so used to the likes of paypal (which might retract payments up to 180 days after the fact, and might instruct customers to destroy the merchandise, like violins, because they, and not an expert, determined "the goods looked dodgy" from a picture) that this needs explicit mention time and again.
Given that this design feat
Re: (Score:1)
Cryptocurrencies are tailor-made for robbery
It's a feature, not a bug.
As was fortold from the beginning (Score:4, Interesting)
I previously mentioned that while Satoshi Nakamoto was an excellent programmer (thus bitcoin itself has very few bugs), some of the alt coins were not written by people so skilled.
When it comes to exchanges, the situation is even worse. The code is so bad it is written by people who don't even care. They basically want to be hacked. This has happened over and over.
Re: (Score:2)
I previously mentioned that while Satoshi Nakamoto was an excellent programmer (thus bitcoin itself has very few bugs), some of the alt coins were not written by people so skilled.
When it comes to exchanges, the situation is even worse. The code is so bad it is written by people who don't even care. They basically want to be hacked. This has happened over and over.
Insurance companies balance risk versus premiums. Given the apparent risk, I would expect that the premiums would be gigantic. This is the price of an unregulated system. Since the people running the exchanges are not the ones being robbed and probably can't be held liable, there is not a lot of incentive to take the effort to make a theft proof system (if that is even possible).
Re: (Score:2)
Since the people running the exchanges are not the ones being robbed and probably can't be held liable
That depends on whether they were holding people's cryptographic keys, or only their cash.
If they weren't holding people's cryptographic keys, then there wasn't really a reason to have an exchange.
Re: (Score:2)
or only their cash
Cash?
Re:As was fortold from the beginning (Score:5, Insightful)
When it comes to exchanges, the situation is even worse. The code is so bad it is written by people who don't even care. They basically want to be hacked. This has happened over and over.
Which is precisely why I suspect that in most cases, the exchanges themselves stole the money.
Re: (Score:2)
Re: (Score:2)
Sometimes it looks like it has been [yahoo.com]. There's been plenty of fraud [wikipedia.org]. And that's just some fraud that's illegal.
Re: (Score:2)
Re: (Score:2)
What are you talking about? I gave you a link to tons of examples of cryptocurrency fraud. Do you think bitcoin is not Defi?
Re: (Score:2)
Re: (Score:2)
I previously mentioned that while Satoshi Nakamoto was an excellent programmer (thus bitcoin itself has very few bugs), some of the alt coins were not written by people so skilled.
When it comes to exchanges, the situation is even worse. The code is so bad it is written by people who don't even care. They basically want to be hacked. This has happened over and over.
Indeed. I was in involved in one case where they thought they were actually being careful. Not a crypto-currency itself but related tech. It was 3 weeks to go-life, the software did not exist at all and they wanted a careful security-review before the go-life. We basically told them this was impossible and they should plan for at least 3 to 6 months if they wanted any real security. Very nice offices, clearly they had money to burn, but they also had absolutely no clue what they were doing. I never have see
All your crypto belong to us (Score:3)
They set us up the script!
Imagine being the guy who wrote that contract? (Score:1)
Should govt take crypto theft seriously? (Score:5, Insightful)
Why? Governments should very clearly say, Any crypto that enables tax dodging and money laundering will be totally on their own. No government law enforcement action will apply. Its open season on them.
Re: (Score:2)
If you kept your life savings at BitMart,, they'll probably just laugh at you when you report it.
Re: (Score:3)
Well, the trick is, if government gets involved, all of a sudden the books are in the open, so tax dodgers suddenly are revealed.
So any government interest is really in getting all the books out in the open - knowing who and how much money was lost is more valuable to the government in the interest of taxation than actual law enforcement.
The choice is either the government protects the cash, but also unmasks the identities of account holders and their transactions (for law enforcement and taxation), or you
Re: (Score:2)
Why? Governments should very clearly say, Any crypto that enables tax dodging and money laundering will be totally on their own. No government law enforcement action will apply. Its open season on them.
They effectively already have. All those regulations and consumer protection rules that prevents you or me getting fleeced during a bank robbery or financial breakdown don't apply to crypto heists.
At this point you'd be a complete moron to trust any exchange with your actual valuables.
Re: (Score:2)
There is a sucker born every minute ...
Re: (Score:1)
Re: (Score:2)
Another one bites the dust (Score:2)
Absolutely not surprise. These people have lots of greed and lots of enthusiasm but no clue whatsoever. Pretty much the same as the average "investor". Of course, this is going to happen regularly now, because the black-hats are clued in after what happened in the recent past. Hopefully it will kill the whole messed-up idea for good.
Dupe! (Score:5, Insightful)
Oh wait no it isn't, it's just people's money being stolen is so frequent now that it's hard to tell if we've heard this story before.
At what point do we stop calling it news and relegate it to a statistical daily counter like America does with gunshot victims?
Re: (Score:2)
Right, daily and weekly amounts in a graph is all we really need anymore...
No dupe (Score:2)
You really start wondering how many losses crypto can survive. I suppose it doesnâ(TM)t matter to the buyer whether they buy stolen or legitimate crypto. But it matters a lot to owners.
Aaaaaaand It's Gone (Score:2)